On the 20th of July, we received a support ticket from “Barry Whitehat” regarding a security vulnerability; the ticket carried no reply address. On the 23rd of July, we received an email to our support address from Gustav Simonsson, who mentioned that he had also discovered a security vulnerability. As we knew who he was, we contacted him by e-mail and phone to confirm his identity. He confirmed his identity, and Digix immediately got to work verifying the issue he had reported.

Vulnerability Details

A bug in the DigixDAO Crowdsale Contract allowed an attacker to receive unclaimed DGD tokens.

In order for DGD participants to claim their DGD tokens, they were instructed to call the claim() function below.

claim() calls the claimFor() function, passing msg.sender as the claimee. claimFor() in turn calls the DGD Token contract’s mint() function to create the coins on the DGD ERC20 token contract. On that line the DGD badges were correctly sent to the proper recipient (the address held in the _user variable), but the DGD tokens were sent to msg.sender instead, allowing an attacker to receive unclaimed DGD tokens from the crowdsale.

The bug in question is in line 163 of our crowdsale contract.

What we did to figure out the impact of the exploit:

1. Download the full chain with state pruning turned off, to give us a comprehensive view of all transactions that have taken place on our DGD Crowdsale Contract.
2. Look through the list of claimed / unclaimed DGDs.
3. Figure out who used the claimFor() function.
4. If the address of the claimee ≠ the originator of the claimFor() call: add the amount to the sum total of DGDs lost.
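As an added illustration of the impact analysis above (this is not Digix’s own tooling), the following Python script applies the same rule to a constructed list of claimFor() calls: a call is misdirected when msg.sender differs from the _user argument, and the DGD minted by such calls is summed and attributed to the claimee who should have received it. All addresses, amounts and block numbers in the sample are placeholders.

```python
from collections import defaultdict
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class ClaimForCall:
    """One claimFor(_user) call recovered from chain history (constructed sample)."""
    block: int
    sender: str    # msg.sender of the transaction: where the buggy mint sent the DGD
    user: str      # the _user argument: the intended claimee, who received the badges
    dgd: Decimal   # DGD minted by this call


# Constructed sample data; addresses and amounts are placeholders, not real chain data.
SAMPLE_CALLS = [
    ClaimForCall(4_000_000, "0xAAAA", "0xAAAA", Decimal("10.5")),    # ordinary claim()
    ClaimForCall(4_052_390, "0xBEEF", "0xCCCC", Decimal("100.25")),  # misdirected
    ClaimForCall(4_060_001, "0xbeef", "0xDDDD", Decimal("50")),      # same sender, mixed case
    ClaimForCall(4_060_002, "0xEEEE", "0xeeee", Decimal("7")),       # self-claim via claimFor()
]


def misdirected(calls):
    """Calls where the DGD recipient (msg.sender) is not the claimee (_user).

    Addresses are compared case-insensitively, since hex checksums vary in case.
    """
    return [c for c in calls if c.sender.lower() != c.user.lower()]


def lost_dgd_total(calls):
    """Total DGD that went to someone other than the intended claimee."""
    return sum((c.dgd for c in misdirected(calls)), Decimal(0))


def first_exploit_block(calls):
    """Earliest block containing a misdirected claim, or None if there is none."""
    bad = misdirected(calls)
    return min(c.block for c in bad) if bad else None


def owed_by_claimee(calls):
    """DGD owed to each affected claimee (_user), keyed by lowercase address."""
    owed = defaultdict(Decimal)
    for c in misdirected(calls):
        owed[c.user.lower()] += c.dgd
    return dict(owed)
```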

We only published a reduced version of the ABI to our users during the claim period to avoid confusion. The claimFor() function was not generally available to the regular user community.

The first sign of the exploit was on block number 4,052,390. We believe our ETC redemption contract at block 3,800,000 attracted additional scrutiny on our crowdsale contract.

Impact of Exploit

No Ethers are at risk. The vulnerable code path does not have any Ether-related functions.
4162.2647 DGDs were affected. No more DGDs will be affected.
No DGD proposer badges were affected.

Post Impact:

None. No longer exploitable.

Reimbursement for claimees

Digix will reimburse any claimees who can sign a 0 ETH transaction from the original recipient address to the address 0xd3C826507E425d38937b6868DF60D90Dbd8C7B68.